CVE-2014-0203 : The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname

The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, which allows local users to cause a denial of service (incorrect free operations and system crash) via an open system call.

Published 2014-06-23 11:21:17

Updated 2023-02-13 00:37:21

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Denial of service

Exploit prediction scoring system (EPSS) score for CVE-2014-0203

Probability of exploitation activity in the next 30 days: 0.09%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 35 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2014-0203

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.9	MEDIUM	AV:L/AC:L/Au:N/C:N/I:N/A:C	3.9	6.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	1.8	3.6	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2014-0203

CWE-416 Use After Free

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2014-0203

http://linux.oracle.com/errata/ELSA-2014-3043.html

linux.oracle.com | ELSA-2014-3043
Third Party Advisory

CVEs referencing this url
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=86acdca1b63e6890540fa19495cfc708beff3d8b
https://bugzilla.redhat.com/show_bug.cgi?id=1094363

1094363 – (CVE-2014-0203) CVE-2014-0203 kernel: fs: slab corruption due to the invalid last component type during do_filp_open()
Exploit;Issue Tracking;Patch;Third Party Advisory
https://github.com/torvalds/linux/commit/86acdca1b63e6890540fa19495cfc708beff3d8b

fix autofs/afs/etc. magic mountpoint breakage · torvalds/linux@86acdca · GitHub
Patch;Third Party Advisory
http://linux.oracle.com/errata/ELSA-2014-0771.html

linux.oracle.com | ELSA-2014-0771
Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/68125

Linux Kernel 'mm/slab.c' Local Denial of Service Vulnerability
Third Party Advisory;VDB Entry

Products affected by CVE-2014-0203

Linux » Linux Kernel
Versions before (<) 2.6.33
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Oracle » Linux » Version: 5
cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*
Matching versions
Oracle » Linux » Version: 6
cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2014-0203

Exploit prediction scoring system (EPSS) score for CVE-2014-0203

CVSS scores for CVE-2014-0203

CWE ids for CVE-2014-0203

References for CVE-2014-0203

Products affected by CVE-2014-0203